finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes standard, well-known development tools including Git and the GitHub CLI (gh) for their intended purposes. All network-facing operations like pushing code and creating pull requests are performed against the user's established remote origins.
- [SAFE]: A manual confirmation mechanism is required for the 'Discard' option, where the user must explicitly type 'discard' before any branch or worktree deletion occurs, mitigating the risk of accidental work loss.
- [SAFE]: Secure command execution patterns are used, notably the use of quoted heredoc delimiters ('EOF') in the pull request creation step, which ensures that external content is treated as literal text and prevents shell interpolation or injection.
- [PROMPT_INJECTION]: Analyzed for Indirect Prompt Injection (Category 8).
  1. Ingestion points: the skill reads branch names and commit history from the repository, content that anyone who can push to the repository controls.
  2. Boundary markers: none are explicitly stated for variable interpolation.
  3. Capability inventory: the skill executes Git commands, the GitHub CLI, and local test runners (npm, cargo, etc.).
  4. Sanitization: quoted heredocs for generated text and mandatory user confirmation before any deletion.
  Given these controls, the risk of exploitation through repository metadata is considered minimal for a standard development workflow.
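The heredoc finding above hinges on one shell rule: an unquoted delimiter (`<<EOF`) leaves the body open to parameter and command substitution, while a quoted delimiter (`<<'EOF'`) emits it byte-for-byte. The script below is an added example, not code from the audited skill; the PR body text in it is constructed to resemble a commit subject that an attacker could plant in a repository's history, and the function names are illustrative.

```sh
#!/bin/sh
# Added example (not part of the audited skill). Demonstrates why a quoted
# heredoc delimiter keeps repository-derived text literal when it is pasted
# into a command such as `gh pr create --body "$(cat <<'EOF' ... EOF)"`.

# Unquoted delimiter: the shell performs $VAR and $(...) substitution on the
# body, so text copied from an untrusted commit subject runs as a command.
pr_body_unquoted() {
  cat <<EOF
## Summary
fix: $(echo INJECTED) and $HOME
EOF
}

# Quoted delimiter: the identical body is emitted exactly as written.
pr_body_quoted() {
  cat <<'EOF'
## Summary
fix: $(echo INJECTED) and $HOME
EOF
}

# Nuance worth knowing: substitution results are not re-parsed. If the
# untrusted text arrives through a variable, even an unquoted heredoc will
# not execute it. The danger is specific to pasting the text into the body.
pr_body_via_variable() {
  subject='fix: $(echo INJECTED) and $HOME'   # constructed sample input
  cat <<EOF
## Summary
$subject
EOF
}

# Returns 0 when the body still contains the literal substitution syntax,
# i.e. nothing was expanded or executed.
is_literal() {
  case "$1" in
    *'$(echo INJECTED)'*) return 0 ;;
    *) return 1 ;;
  esac
}

# Stand-alone usage: print all three bodies so the difference is visible.
echo "--- unquoted delimiter (expanded) ---"
pr_body_unquoted
echo "--- quoted delimiter (literal) ---"
pr_body_quoted
echo "--- unquoted delimiter, text via variable (literal) ---"
pr_body_via_variable
```

When generating the real command, the safe pattern is the one the audit credits: a quoted delimiter for any body that contains text taken from branch names or commit messages, or passing the body through a variable or a file rather than splicing it into the command line.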